Overview

overview

10

Static

static

10

2136-1201-...ry.exe

windows7-x64

1

2136-1201-...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2136-1201-0x0000000000400000-0x0000000000473000-memory.dmp

  • Size

    460KB

  • Sample

    241216-srrj1atlg1

  • MD5

    23c4d39ec8ac06729e1edfa0e042dda1

  • SHA1

    2937be619ee85085de7f79d613672242b3792f10

  • SHA256

    25ef3c4d0c7f6e0e13810ce6e1e0b08d6f80e74bed09beba82e8d5b3e957254e

  • SHA512

    32de38c46cf7b16e0ecca05ecc600ba7104c0e5231036c7f1cfe21c46af5424555d06199bad17847e0695c4ec9d57d1fdb0cb899be82513a6b00efcc94dc3e27

  • SSDEEP

    6144:rs9CceayWHm71Y2pDmbgqxDwk82hl/Vx4p5Cp/yFPMsXnQODVNIg+0TtgRLAOAZ:rs9CceayWHmO21YDnL/yFPMsXMRL6Tk

Score
10/10
amadeyb44aeb

Malware Config

Extracted

Family

amadey

Version

5.04

Botnet

b44aeb

Attributes
  • install_dir

    7725ce688f

  • install_file

    Gxtuum.exe

  • strings_key

    8bf9b3f72bb53c678e0173edf42df1ae

  • url_paths

    /3ofn3jf3e2ljk/index.php

rc4.plain

Targets

    • Target

      2136-1201-0x0000000000400000-0x0000000000473000-memory.dmp

    • Size

      460KB

    • MD5

      23c4d39ec8ac06729e1edfa0e042dda1

    • SHA1

      2937be619ee85085de7f79d613672242b3792f10

    • SHA256

      25ef3c4d0c7f6e0e13810ce6e1e0b08d6f80e74bed09beba82e8d5b3e957254e

    • SHA512

      32de38c46cf7b16e0ecca05ecc600ba7104c0e5231036c7f1cfe21c46af5424555d06199bad17847e0695c4ec9d57d1fdb0cb899be82513a6b00efcc94dc3e27

    • SSDEEP

      6144:rs9CceayWHm71Y2pDmbgqxDwk82hl/Vx4p5Cp/yFPMsXnQODVNIg+0TtgRLAOAZ:rs9CceayWHmO21YDnL/yFPMsXMRL6Tk

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks